A stack buffer overflow in the kadm_ser_wrap_in function in the
Kerberos v4 administration server was discovered, which is provided by
Heimdal as well. A working exploit for this kadmind bug is already
circulating, hence it is considered serious. The broken library also
contains a vulnerability which could lead to another root exploit.

These problems have been fixed in version 0.4e-7.woody.5 for the
current stable distribution (woody), in version 0.2l-7.6 for the old
stable distribution (potato) and in version 0.4e-22 for the unstable
distribution (sid).